<?php
/*
    GUMUD is Extensible Web-based Multi-User Dungeon Software.

    Copyright (C) 2013  White Rabbit

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
//MySQL Query Database
function myquery($query) {
	mysql_connect(dbhost, dbuser, dbpass);
	mysql_select_db(dbname);
	$result = mysql_query($query);
	if (!mysql_errno() && @mysql_num_rows($result) > 0) {
}
else {
$result="not";
}
	mysql_close();
	return $result;
}
// MySQL Num Rows
function myrows($result) {
	$rows = @mysql_num_rows($result);
	return $rows;
}
// MySQL fetch array
function myarray($result) {
	$array = mysql_fetch_array($result);
	return $array;
}
// MySQL escape string
function myescape($query) {
	$escape = mysql_escape_string($query);
	return $escape;
}
//Initilize Session
function initSession($session) {
	if (!isset($session['initiated'])) {
		session_regenerate_id();
		$session['initiated'] = true;
	}
	return $session;
}
function initLocalLoc ($get) {
		

		myquery("INSERT INTO `".dbprfx."region-local-loc` (`localX`,`localY`,`userUUID`) VALUES ('100','100','".$get['uuid']."')");
		
}
//Agent Session
function agentSession($session,$agent) {
	$fingerprint = md5($agent . publicsecret);
	if (isset($session['HTTP_USER_AGENT'])) {
		if ($session['HTTP_USER_AGENT'] != $fingerprint) {
			die();
			exit;
		}
	} else {
		$session['HTTP_USER_AGENT'] = $fingerprint;
	}
	return $session;
}
function gen_uuid() {
    return sprintf( '%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
        // 32 bits for "time_low"
        mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ),

        // 16 bits for "time_mid"
        mt_rand( 0, 0xffff ),

        // 16 bits for "time_hi_and_version",
        // four most significant bits holds version number 4
        mt_rand( 0, 0x0fff ) | 0x4000,

        // 16 bits, 8 bits for "clk_seq_hi_res",
        // 8 bits for "clk_seq_low",
        // two most significant bits holds zero and one for variant DCE1.1
        mt_rand( 0, 0x3fff ) | 0x8000,

        // 48 bits for "node"
        mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff )
    );
}
function requestFilter($get) {
	$output = "";
	
	if ($get['request'] == "requestValidateUser")  {
		$str1 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=getuser&firstname=".$get['firstname']."&lastname=".$get['lastname']);
		$str2 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=validateuser&uuid=".$str1."&passhash=".md5($get['pass']."~".publicsecret));
		$output = $output.$str2;
	}
	if ($get['request'] == "requestScene")  {
		$str1 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=getuser&firstname=".$get['firstname']."&lastname=".$get['lastname']);
		$str2 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=validateuser&uuid=".$str1."&passhash=".md5($get['pass']."~".publicsecret));
		if ($str2 == "validated") {
			$str3 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=getUserRegionLoc&uuid=".$str1);
			$str4 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=getRegionData&uuid=".$str3);
			$str6 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=getlocalLoc&uuid=".$str1);
			$array2 = explode("~",$str6);
					$localX = $array2[0];
					$localY = $array2[1];
				$str5 = file_get_contents("http://".$regionURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=sceneViewRequest&localX=".$localX."&localY=".$localY."&uuid=".$str3."&personuuid=".$str1);
				$output = $str5;
			}
	}
	if ($get['request'] == "verifyLocalCoordinates") {
	 $result = myquery("SELECT * FROM `".dbprfx."region-scene` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."' LIMIT 1");
	 if ($result != "not") {
		$output = "validated";
	 }
	 else { $output = "fail"; }
	}
	if ($get['request'] == "sceneViewDefaultLookup") {
		if (!preg_match("/(\w|\-)+/",$get['uuid'])) { die(); exit(); }
		$result1 = myquery("SELECT * FROM `".dbprfx."region-scene` WHERE `regionUUID` = '".$get['uuid']."' AND `defaultScene` = 'yes' LIMIT 1");
		if ($result1 != "not") {
		$array1 = myarray($result1);
		$output = $array1['localX']."~".$array1['localY'];
		}
		else {
		$output = $output."fail";
		}
	}
	if ($get['request'] == "setViewRequest") {
		$xplode = explode(" ",myescape(urldecode($get['data'])));
		$x=1;
		while(isset($xplode[$x])) {
		$x++;
		}
		$x = $x-1;
		$result1 = myquery("SELECT * FROM `".dbprfx."region-scene-editors` WHERE `editorUUID` = '".$get['editor']."' LIMIT 1");
		if ($result1 != "not") {
			$var3 = getSNumArr($get['data']);
			if (DescriptionUpdatesCostMoney) {
			$str5 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=DEDUCTxchangeLex&uuid=".$get['editor']."&amount=".$var3);
			}
			if (($str5 != "NSF") or (!DescriptionUpdatesCostMoney)) {
				$resultSV = myquery("SELECT * FROM `".dbprfx."region-scene-states` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."' AND `stateName` = '".$get['view']."' LIMIT 1");
				if ($resultSV != "not") {
				myquery("UPDATE `".dbprfx."region-scene-states` SET `".$get['type']."` = '".myescape(urldecode($get['data']))."' WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."' AND `stateName` = '".$get['view']."'");
				}
				else {
				// echo "INSERT INTO `".dbprfx."region-scene-states` (`regionUUID`,`stateName`,`localX`,`localY`,`".$get['type']."`,`statePassThreshold`,`statePassTriggers`,`stateFailTriggers`) VALUES ('".$get['uuid']."','".$get['view']."','".$get['localX']."','".$get['localY']."','".myescape(urldecode($get['data']))."','AUTO|AUTO','NOTHING|NOTHING','NOTHING|NOTHING')"; die(); exit();
				myquery("INSERT INTO `".dbprfx."region-scene-states` (`regionUUID`,`stateName`,`localX`,`localY`,`".$get['type']."`,`statePassThreshold`,`statePassTriggers`,`stateFailTriggers`) VALUES ('".$get['uuid']."','".$get['view']."','".$get['localX']."','".$get['localY']."','".myescape(urldecode($get['data']))."','AUTO|AUTO','NOTHING|NOTHING','NOTHING|NOTHING')");
				}
				// myquery("UPDATE `".dbprfx."region-scene` set `sceneLex` = '".myescape(urldecode($get['data']))."' WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."'");
				
				$output = "Scene updated successfully.";
			}
			else {
				$output = "Scene could not be updated; you have insufficient Lexical Points to update area.";
			}
		}
		else {
			$output = "You do not have edit permissions for this area.";
		}
	}
	// DEPRECATED
	/*if ($get['request'] == "setViewDetailRequest") {
		$xplode = explode(" ",myescape(urldecode($get['data'])));
		$x=1;
		while(isset($xplode[$x])) {
		$x++;
		}
		$x = $x-1;
		$result1 = myquery("SELECT * FROM `".dbprfx."region-scene-editors` WHERE `editorUUID` = '".$get['editor']."' LIMIT 1");
		if ($result1 != "not") {
		
		$var3 = getSNumArr($get['data']);
		if (DescriptionUpdatesCostMoney) {
			$str5 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=DEDUCTxchangeLex&uuid=".$get['editor']."&amount=".$var3);
			}
			if (($str5 != "NSF") or (!DescriptionUpdatesCostMoney)) {
		myquery("UPDATE `".dbprfx."region-scene` set `sceneDetailLex` = '".myescape(urldecode($get['data']))."' WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."'");
		
		$output = "Scene updated successfully.";
		}
		else {
		$output = "Scene could not be updated; you have insufficient Lexical Points to update area.";
		}
		}
		else {
		$output = "You do not have edit permissions for this area.";
		}
	} */
	if ($get['request'] == "sceneViewRequest") {
		if (!preg_match("/(\w|\-)+/",$get['uuid'])) { die(); exit(); }
		if (!preg_match("/(\d)+/",$get['localX'])) { die(); exit(); }
		if (!preg_match("/(\d)+/",$get['localY'])) { die(); exit(); }
		$result1 = myquery("SELECT * FROM `".dbprfx."region-scene` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."' LIMIT 1");
		$result2 = myquery("SELECT * FROM `".dbprfx."region-scene-objects` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."'");
		$inventory = "";
		if ($result1 != "not") {
			if ($result2 != "not") {
				$rows = myrows($result2);
				$x = 1;
				$inventory = "You see a ";
				while ($x <= $rows) {
					$array = myarray($result2);
					$inventory = $inventory.$array['objectName'];
					if(($rows - 1 == $x)) {
						$inventory = $inventory." and a ";
					}
					elseif ($x < $rows) {
						$inventory = $inventory.", a ";
					}
					$x++;
				}
				$inventory = $inventory." in this area.";
			}
		$array1 = myarray($result1);
		$resultSV = myquery("SELECT * FROM `".dbprfx."region-scene-states` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."' AND `stateName` = '".$array1['sceneState']."' LIMIT 1");
		$arraySV = myarray($resultSV);
		$array4A = splitdata($arraySV['statePassThreshold']);
	$xxx = 0;
		
		while(isset($array4A[$xxx])) {
		$array5A = explode("|",$array4A[$xxx]);
		$pass = stateAvatarPassThreshold($get['personuuid'],$array5[0],$array5A[1]);
		$xxx=$xxx+2;
		}
		unset($array5A);
		if($pass) {
			$array6A = splitdata($arraySV['statePassTriggers']);
			$xxx = 0;
			while(isset($array6A[$xxx])) {
			$array7A = explode("|",$array6A[$xxx]);
			$trigger = stateAvatarTriggers($get['personuuid'],$array7A[0],$array7A[1]);
			$xxx++;
			}
		
		$textA = $arraySV['stateViewSuccess'];
		}
		else {
			$array6A = splitdata($arraySV['stateFailTriggers']);
			$xxx = 0;
			while(isset($array6A[$xxx])) {
			$array7A = explode("|",$array6A[$xxx]);
			$trigger = stateAvatarTriggers($get['personuuid'],$array7A[0],$array7A[1]);
			$xxx++;
			}
		$textA = $arraySV['stateViewFailure'];
		}
		$outputA = $textA;
		$output = $outputA." ".$inventory;
		}
		else {
		$output = $output."fail";
		}
	}
	if ($get['request'] == "sceneDetailViewRequest") {
		if (!preg_match("/(\w|\-)+/",$get['uuid'])) { die(); exit(); }
		if (!preg_match("/(\d)+/",$get['localX'])) { die(); exit(); }
		if (!preg_match("/(\d)+/",$get['localY'])) { die(); exit(); }
		$result1 = myquery("SELECT * FROM `".dbprfx."region-scene` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."' LIMIT 1");
		$result2 = myquery("SELECT * FROM `".dbprfx."region-scene-objects` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."'");
		$inventory = "";
		if ($result1 != "not") {
		if ($result2 != "not") {
				$rows = myrows($result2);
				$x = 1;
				$inventory = "You see a ";
				while ($x <= $rows) {
					$array = myarray($result2);
					$inventory = $inventory.$array['objectName'];
					if(($rows - 1 == $x)) {
						$inventory = $inventory." and a ";
					}
					elseif ($x < $rows) {
						$inventory = $inventory.", a ";
					}
					$x++;
				}
				$inventory = $inventory." in this area.";
			}
		$array1 = myarray($result1);
		$resultSV = myquery("SELECT * FROM `".dbprfx."region-scene-states` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."' AND `stateName` = '".$array1['sceneState']."' LIMIT 1");
		$arraySV = myarray($resultSV);
		$array4A = splitdata($arraySV['statePassThreshold']);
	$xxx = 0;
		
		while(isset($array4A[$xxx])) {
		$array5A = explode("|",$array4A[$xxx]);
		$pass = stateAvatarPassThreshold($get['personuuid'],$array5[0],$array5A[1]);
		$xxx=$xxx+2;
		}
		unset($array5A);
		if($pass) {
			$array6A = splitdata($arraySV['statePassTriggers']);
			$xxx = 0;
			while(isset($array6A[$xxx])) {
			$array7A = explode("|",$array6A[$xxx]);
			$trigger = stateAvatarTriggers($get['personuuid'],$array7A[0],$array7A[1]);
			$xxx++;
			}
		
		$textA = $arraySV['stateDetailViewSuccess'];
		}
		else {
			$array6A = splitdata($arraySV['stateFailTriggers']);
			$xxx = 0;
			while(isset($array6A[$xxx])) {
			$array7A = explode("|",$array6A[$xxx]);
			$trigger = stateAvatarTriggers($get['personuuid'],$array7A[0],$array7A[1]);
			$xxx++;
			}
		$textA = $arraySV['stateDetailViewFailure'];
		}
		$outputA = $textA;
		$output = $outputA." ".$inventory;
		}
		else {
		$output = $output."fail";
		}
	}
	if ($get['request'] == "getLocalLoc") {
		if (!preg_match("/(\w|\-)+/",$get['uuid'])) { die(); exit(); }
		
		$result1 = myquery("SELECT * FROM `".dbprfx."region-local-loc` WHERE `userUUID` = '".$get['uuid']."' LIMIT 1");
		if ($result1 != "not") {
		$array1 = myarray($result1);
		$output = $output.$array1['localX']."~".$array1['localY'];
		}
		else {
		initLocalLoc($get);
		$output = $output."100~100";
		}
	}
	if ($get['request'] == "putLocalLoc") {
		if (!preg_match("/(\w|\-)+/",$get['uuid'])) { die(); exit(); }
		
		$result1 = myquery("SELECT * FROM `".dbprfx."region-local-loc` WHERE `userUUID` = '".$get['uuid']."' LIMIT 1");
		if ($result1 != "not") {
		myquery("UPDATE `".dbprfx."region-local-loc` SET `localX` = '".$get['localX']."',`localY` = '".$get['localY']."' WHERE `userUUID` = '".$get['uuid']."'");
		$output = $output."success";
		}
		else {
		myquery("INSERT INTO `".dbprfx."region-local-loc` (`localX`,`localY`,`userUUID`) VALUES ('".$get['localX']."','".$get['localY']."','".$get['uuid']."')");
		$output = $output."success";
		}
	}
	if ($get['request'] == "initRegion") {
	$var2 = gen_uuid();
	 $result1 = myquery("INSERT INTO `".dbprfx."region-scene`  (`sceneUUID`,`regionUUID`,`localX`,`localY`,`sceneLex`,`sceneDetailLex`,`defaultScene`) VALUES ('".$var2."','".$get['uuid']."', '".$get['localX']."','".$get['localY']."','empty scene','empty scene','yes')");
				 $result2 = myquery("INSERT INTO `".dbprfx."region-scene-editors` (`regionUUID`,`localX`,`localY`,`editorUUID`) VALUES ('".$get['uuid']."','".$get['localX']."','".$get['localY']."','".$get['owneruuid']."')");
				 $result3 = myquery("INSERT INTO `".dbprfx."region-scene-variables` (`regionUUID`,`localX`,`localY`,`objectEntry`,`objectEntryAutoReturnTime`,`weatherType`,`avatarEntry`,`avatarEntryAutoReturnTime`) VALUES ('".$get['uuid']."','".$get['localX']."','".$get['localY']."','ALL','600','REGION','ALL','600')");
				 $output = "Area successfully created.";
	}
	if ($get['request'] == "createArea") {
		if (!preg_match("/(\w|\-)+/",$get['uuid'])) { die(); exit(); }
		if (!preg_match("/(\d)+/",$get['localX'])) { die(); exit(); }
		if (!preg_match("/(\d)+/",$get['localY'])) { die(); exit(); }
		 $var1['localX'] = $get['localX']; $var1['localY'] = $get['localY'];
		 if ($get['direction'] == "north") {
	 $var1['localY'] = $get['localY'] + 1;
	 }
	 elseif ($get['direction'] == "south") {
	 $var1['localY'] = $get['localY'] - 1;
	 }
	 elseif ($get['direction'] == "east") {
	 $var1['localX'] = $get['localX'] + 1;
	 }
	 elseif ($get['direction'] == "west") {
	 $var1['localX'] = $get['localX'] - 1;
	 }
		$result = myquery("SELECT * FROM `".dbprfx."region-scene` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$var1['localX']."' AND `localY` = '".$var1['localY']."' LIMIT 1");
	 if ($result != "not") {
		$output = "Area creation failed; Area already exists";
	 }
	 elseif (($var1['localX'] > sceneMaxX) or ($var1['localY'] > sceneMaxY)) { 
	 $output = "Area coordinates are beyond map boundaries";
	 }
	 elseif (($var1['localX'] < 0) or ($var1['localY'] < 0)) { 
	 $output = "Area coordinates are beyond map boundaries";
	 }
	 else { 
	 
	 $str4 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=getRegionOwnerUUID&uuid=".$get['uuid']);
	
	 $failflag = FALSE;
	 if (($var1['localX'] < 0) or ($var1['localY'] < 0)) { $failflag = TRUE; }
		 if ($failflag) {
			$output = "Area cannot be created; map coordinates are beneath minimum boundaries of zero.";
		 }
		 else {
			 if ($str4 == $get['editor']) {
			 $var2 = gen_uuid();
			 if(SceneAdditionCostsMoney) {
			 $str5 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=DEDUCTxchangeLex&uuid=".$get['editor']."&amount=".sceneCost);
			}
	if (($str5 != "NSF") or (!SceneAdditionCostMoney)) {
				 $result1 = myquery("INSERT INTO `".dbprfx."region-scene`  (`sceneUUID`,`regionUUID`,`localX`,`localY`,`sceneLex`,`sceneDetailLex`,`defaultScene`) VALUES ('".$var2."','".$get['uuid']."', '".$var1['localX']."','".$var1['localY']."','empty scene','empty scene','no')");
				 $result2 = myquery("INSERT INTO `".dbprfx."region-scene-editors` (`regionUUID`,`localX`,`localY`,`editorUUID`) VALUES ('".$get['uuid']."','".$var1['localX']."','".$var1['localY']."','".$get['editor']."')");
				 $result3 = myquery("INSERT INTO `".dbprfx."region-scene-variables` (`regionUUID`,`localX`,`localY`,`objectEntry`,`objectEntryAutoReturnTime`,`weatherType`,`avatarEntry`,`avatarEntryAutoReturnTime`) VALUES ('".$get['uuid']."','".$var1['localX']."','".$var1['localY']."','ALL','600','REGION','ALL','600')");
				 $output = "Area successfully created.";
				 }
				 else {
				 $output = "Area creation failed; You do not have enough Lexical Points to create a new area.";
				 }
			 }
			 else {
				$output = "You do not have permission to create that area.";
			 }
		 }
	 }
	
	}
	if ($get['request'] == "createObject") {
		if (!preg_match("/(\w|\-)+/",$get['uuid'])) { die(); exit(); }
		if (!preg_match("/(\d)+/",$get['localX'])) { die(); exit(); }
		if (!preg_match("/(\d)+/",$get['localY'])) { die(); exit(); }
		 $var1['localX'] = $get['localX']; $var1['localY'] = $get['localY'];
	 $str4 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=getRegionOwnerUUID&uuid=".trim($get['uuid']));
	$result2 = myquery("SELECT * FROM `".dbprfx."region-scene-variables` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$var1['localX']."' AND `localY` = '".$var1['localY']."' LIMIT 1");
		 $array2 = myarray($result2);
			 if (($str4 == $get['editor']) or ($array2['objectEntry'] == "ALL")) {
			 $var2 = gen_uuid();
			 $var3 = gen_uuid();
			 $str5 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=DEDUCTxchangeLex&uuid=".$get['editor']."&amount=100");
				if ($str5 != "NSF") {
					$str6 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=initObject&uuid=".$get['editor']."&objectUUID=".$var2."&object=".$get['object']);
					$str6 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=initObject&uuid=".$get['editor']."&objectUUID=".$var3."&object=".$get['object']);
				 $result1 = myquery("INSERT INTO `".dbprfx."region-scene-objects`  (`regionUUID`,`localX`,`localY`,`objectUUID`,`objectInstanceUUID`,`objectName`,`ownerUUID`,`objectInstanceEntryTime`) VALUES ('".$get['uuid']."', '".$var1['localX']."','".$var1['localY']."','".$var2."','".$var3."','".myescape(urldecode($get['object']))."','".$get['editor']."','".time()."')");
				 $output = "Object successfully created.";
				 }
				 else {
				 $output = "Object creation failed; You do not have enough Lexical Points to create a new area.";
				 }
			 }
			 else {
				$output = "You do not have permission to create objects in this area.";
			 }
		
	 
	
	}
	if ($get['request'] == "getObject") {
		if (!preg_match("/(\w|\-)+/",$get['uuid'])) { die(); exit(); }
		if (!preg_match("/(\d)+/",$get['localX'])) { die(); exit(); }
		if (!preg_match("/(\d)+/",$get['localY'])) { die(); exit(); }
		
		$result1 = myquery("SELECT * FROM `".dbprfx."region-scene-objects` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."' AND `objectName` = '".myescape(urldecode($get['object']))."' AND `ownerUUID` = '".$get['editor']."' LIMIT 1");
		if ($result1 != "not") {
		$array = myarray($result1);
		$str6 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=takeObject&uuid=".$get['editor']."&objectUUID=".$array['objectUUID']."&objectInstanceUUID=".$array['objectInstanceUUID']."&object=".urlencode($get['object']));
		$result2 = myquery("DELETE FROM `".dbprfx."region-scene-objects` WHERE `objectInstanceUUID` = '".$array['objectInstanceUUID']."'");
		$output = "You successfully added the object to your inventory.";
		}
		else {
		$output = "You cannot take that!";
		}
	}
	if ($get['request'] == "viewObject") {
		
		
		$result1 = myquery("SELECT * FROM `".dbprfx."region-scene-objects` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."' AND `objectName` = '".myescape(urldecode($get['object']))."' LIMIT 1");
		if ($result1 != "not") {
		$array = myarray($result1);
		$output = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=viewObject&objectUUID=".$array['objectInstanceUUID']."&personUUID=".$get['editor']);
		}
		else {
		$output = "You don't see that here!";
		}
	}
	if ($get['request'] == "viewObjectDetail") {
		
		
		$result1 = myquery("SELECT * FROM `".dbprfx."region-scene-objects` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."' AND `objectName` = '".myescape(urldecode($get['object']))."' LIMIT 1");
		if ($result1 != "not") {
		$array = myarray($result1);
		$output = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=viewObjectDetail&objectUUID=".$array['objectInstanceUUID']."&personUUID=".$get['editor']);
		}
		else {
		$output = "You don't see that here!";
		}
	}
	if ($get['request'] == "putObject") {
		if (!preg_match("/(\w|\-)+/",$get['uuid'])) { die(); exit(); }
		if (!preg_match("/(\d)+/",$get['localX'])) { die(); exit(); }
		if (!preg_match("/(\d)+/",$get['localY'])) { die(); exit(); }
		 $var1['localX'] = $get['localX']; $var1['localY'] = $get['localY'];
	 $str4 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=getRegionOwnerUUID&uuid=".$get['uuid']);
	$result2 = myquery("SELECT * FROM `".dbprfx."region-scene-variables` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$var1['localX']."' AND `localY` = '".$var1['localY']."' LIMIT 1");
		 $array2 = myarray($result2);
	 
		 
			 if (($str4 == $get['editor']) or ($array2['objectEntry'] == "ALL")) {
			 $var2 = gen_uuid();
			 $var3 = gen_uuid();
			 
					
				 $result2 = myquery("SELECT * FROM `".dbprfx."region-scene-objects` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."' AND `objectName` = '".myescape(urldecode($get['object']))."' AND `ownerUUID` = '".$get['editor']."'");
		if ($result2 != "not") {
		$str6 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=inventoryPutObject&uuid=".$get['editor']."&object=".urlencode($get['object']));
				 $array = explode("~",$str6);
		$objectname = myescape(urldecode($get['object'])." copy#".myrows($result2));
		if($str6 != "fail") {
				 $result1 = myquery("INSERT INTO `".dbprfx."region-scene-objects`  (`regionUUID`,`localX`,`localY`,`objectUUID`,`objectInstanceUUID`,`objectName`,`ownerUUID`,`objectInstanceEntryTime`) VALUES ('".$get['uuid']."', '".$var1['localX']."','".$var1['localY']."','".$array[0]."','".$array[1]."','".$objectname."','".$get['editor']."','".time()."')");
				 $output = "object successfully placed in area.";
				 }
				 else {
				 $output = "inventory object not found";
				 }
				 }
				 else {
				 
				 $str6 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=inventoryPutObject&uuid=".$get['editor']."&object=".urlencode($get['object']));
				 $array = explode("~",$str6);
				 if($str6 != "fail") {
				 $result1 = myquery("INSERT INTO `".dbprfx."region-scene-objects`  (`regionUUID`,`localX`,`localY`,`objectUUID`,`objectInstanceUUID`,`objectName`,`ownerUUID`,`objectInstanceEntryTime`) VALUES ('".$get['uuid']."', '".$var1['localX']."','".$var1['localY']."','".$array[0]."','".$array[1]."','".myescape(preg_replace("/(\p{Zs}|\040)+(#)+(\d)+/","",urldecode($get['object'])))."','".$get['editor']."','".time()."')");
				 $output = "object successfully placed in area.";
				 }
				 else { $output = "inventory object not found"; }
				 }
			 }
			 else {
				$output = "You do not have permission to place objects in this area.";
			 }
		
	 
	
	}
	if ($get['request'] == "deleteObject") {
		if (!preg_match("/(\w|\-)+/",$get['uuid'])) { die(); exit(); }
		if (!preg_match("/(\d)+/",$get['localX'])) { die(); exit(); }
		if (!preg_match("/(\d)+/",$get['localY'])) { die(); exit(); }
		 $var1['localX'] = $get['localX']; $var1['localY'] = $get['localY'];
	
			 $var2 = gen_uuid();
			 $var3 = gen_uuid();
			 
					
				 $result2 = myquery("SELECT * FROM `".dbprfx."region-scene-objects` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."' AND `objectName` = '".myescape(urldecode($get['object']))."' AND `ownerUUID` = '".$get['editor']."'");
		if ($result2 != "not") {
		$array1 = myarray($result2);
		myquery("DELETE FROM `".dbprfx."region-scene-objects` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."' AND `objectName` = '".myescape(urldecode($get['object']))."' AND `ownerUUID` = '".$get['editor']."'");
		$output = "successfully deleted from scene!";
				 }
				 else {
				 
				 $output = "You do not have permission to delete that!";
				 }
			 
		
	 
	
	}
	if ($get['request'] == "editObjectLex") {
		$xplode = explode(" ",myescape(urldecode($get['data'])));
		$x=1;
		while(isset($xplode[$x])) {
		$x++;
		}
		$x = $x-1;
		 $var1['localX'] = $get['localX']; $var1['localY'] = $get['localY'];
	
			 $var2 = gen_uuid();
			 $var3 = gen_uuid();
			 
					
				 $result2 = myquery("SELECT * FROM `".dbprfx."region-scene-objects` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."' AND `objectName` = '".myescape(urldecode($get['object']))."' AND `ownerUUID` = '".$get['editor']."'");
		if ($result2 != "not") {
		$array1 = myarray($result2);
		if (DescriptionUpdatesCostMoney) {
			$str5 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=DEDUCTxchangeLex&uuid=".$get['editor']."&amount=".$var3);
			}
			if (($str5 != "NSF") or (!DescriptionUpdatesCostMoney)) {
		$str6 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=updateObjectLex&uuid=".$array1['objectInstanceUUID']."&data=".urlencode($get['data']));
			if($str6 == "success") {
			$output = "Object description successfully updated.";
}
else {
$output = "Whoops we can't seem to update the item's description at this time!";
}	}	else {$output = "Object update failed; You do not have enough Lexical Points to update object.";}	
				 }
				 else {
				 
				 $output = "You do not have permission to edit that!";
				 }
			 
		
	 
	
	}
	if ($get['request'] == "editObjectType") {
		if (!preg_match("/(\w|\-)+/",$get['uuid'])) { die(); exit(); }
		if (!preg_match("/(\d)+/",$get['localX'])) { die(); exit(); }
		if (!preg_match("/(\d)+/",$get['localY'])) { die(); exit(); }
		 $var1['localX'] = $get['localX']; $var1['localY'] = $get['localY'];
	
			 $var2 = gen_uuid();
			 $var3 = gen_uuid();
			 
					
				 $result2 = myquery("SELECT * FROM `".dbprfx."region-scene-objects` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."' AND `objectName` = '".myescape(urldecode($get['object']))."' AND `ownerUUID` = '".$get['editor']."'");
		if ($result2 != "not") {
		$array1 = myarray($result2);
		$get['data'] = urldecode($get['data']);
		if($get['data'] == "shoes") { $var6 = "shoesLayerUUID";}
		elseif($get['data'] == "socks") { $var6 = "socksLayerUUID";}
		elseif($get['data'] == "undershirt") { $var6 = "undershirtLayerUUID";}
		elseif($get['data'] == "undershorts") { $var6 = "undershortsLayerUUID";}
		elseif($get['data'] == "genitalia") { $var6 = "lowerNaughtyLayerUUID";}
		elseif($get['data'] == "nipples") { $var6 = "upperNaughtyLayerUUID";}
		elseif($get['data'] == "pants") { $var6 = "pantsLayerUUID";}
		elseif($get['data'] == "shirt") { $var6 = "shirtLayerUUID";}
		elseif($get['data'] == "jacket") { $var6 = "jacketLayerUUID";}
		elseif($get['data'] == "gloves") { $var6 = "gloveLayerUUID";}
		elseif($get['data'] == "wrist item") { $var6 = "wristLayerUUID";}
		elseif($get['data'] == "left hand item") { $var6 = "leftHandLayerUUID";}
		elseif($get['data'] == "right hand item") { $var6 = "rightHandLayerUUID";}
		elseif($get['data'] == "hair") { $var6 = "hairLayerUUID";}
		elseif($get['data'] == "left fingers item") { $var6 = "leftFingersLayerUUID";}
		elseif($get['data'] == "right fingers item") { $var6 = "rightFingersLayerUUID";}
		elseif($get['data'] == "left toes item") { $var6 = "leftToesLayerUUID";}
		elseif($get['data'] == "right toes item") { $var6 = "rightToesLayerUUID";}
		elseif($get['data'] == "face item") { $var6 = "faceLayerUUID";}
		elseif($get['data'] == "neck item") { $var6 = "neckLayerUUID";}
		elseif($get['data'] == "left arm item") { $var6 = "leftArmLayerUUID";}
		elseif($get['data'] == "right arm item") { $var6 = "rightArmLayerUUID";}
		elseif($get['data'] == "furniture") { $var6 = "furnitureUUID";}
		$str6 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=updateObjectType&uuid=".$array1['objectInstanceUUID']."&data=".$var6);
			if($str6 == "success") {
			$output = "Object type successfully updated.";
}
else {
$output = "Whoops we can't seem to update the item's type at this time!";
}			
				 }
				 else {
				 
				 $output = "You do not have permission to edit that!";
				 }
			 
		
	 
	
	}
	
	if ($get['request'] == "editObjectDetailLex") {
		$xplode = explode(" ",myescape(urldecode($get['data'])));
		$x=1;
		while(isset($xplode[$x])) {
		$x++;
		}
		$x = $x-1;
		 $var1['localX'] = $get['localX']; $var1['localY'] = $get['localY'];
	
			 $var2 = gen_uuid();
			 $var3 = gen_uuid();
			 
					
				 $result2 = myquery("SELECT * FROM `".dbprfx."region-scene-objects` WHERE `regionUUID` = '".$get['uuid']."' AND `localX` = '".$get['localX']."' AND `localY` = '".$get['localY']."' AND `objectName` = '".myescape(urldecode($get['object']))."' AND `ownerUUID` = '".$get['editor']."'");
		if ($result2 != "not") {
		$array1 = myarray($result2);
		if (DescriptionUpdatesCostMoney) {
			$str5 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=DEDUCTxchangeLex&uuid=".$get['editor']."&amount=".$var3);
			}
			if (($str5 != "NSF") or (!DescriptionUpdatesCostMoney)) {
		$str6 = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=updateObjectDetailLex&uuid=".$array1['objectInstanceUUID']."&data=".urlencode($get['data']));
			if($str6 == "success") {
			$output = "Object description successfully updated.";
			}

else {
$output = "Whoops we can't seem to update the item's description at this time!";
}	}
else {
$output = "Object update failed; You do not have enough Lexical Points to update object.";
}		
				 }
				 else {
				 
				 $output = "You do not have permission to edit that!";
				 }
			 
		
	 
	
	}
	if ($get['request'] == "setLocalChat") {
	$var1 = myquery("INSERT INTO `".dbprfx."local-chat` (`regionUUID`,`userUUID`,`chattime`,`LocalX`,`LocalY`,`avatarFirst`,`avatarLast`,`chatdata`) values ('".$get['uuid']."','".$get['user']."','".(int)$get['time']."','".(int)$get['localX']."','".(int)$get['localY']."','".$get['firstname']."','".$get['lastname']."','".myescape(urldecode($get['data']))."')");
	$output = "success";
	}
	if ($get['request'] == "setLocalChatYell") {
	$var1 = myquery("INSERT INTO `".dbprfx."local-chat` (`regionUUID`,`userUUID`,`chattime`,`LocalX`,`LocalY`,`avatarFirst`,`avatarLast`,`chatdata`) values ('".$get['uuid']."','".$get['user']."','".(int)$get['time']."','".(int)$get['localX']."','".(int)$get['localY']."','".$get['firstname']."','".$get['lastname']."','<span class=\'yell\'>".myescape(urldecode($get['data']))."</span>')");
	$output = "success";
	}
	if ($get['request'] == "setLocalChatWhisper") {
	$var1 = myquery("INSERT INTO `".dbprfx."local-chat` (`regionUUID`,`userUUID`,`chattime`,`LocalX`,`LocalY`,`avatarFirst`,`avatarLast`,`chatdata`) values ('".$get['uuid']."','".$get['user']."','".(int)$get['time']."','".(int)$get['localX']."','".(int)$get['localY']."','".$get['firstname']."','".$get['lastname']."','<span class=\'whisper\'>".myescape(urldecode($get['data']))."</span>')");
	$output = "success";
	}
	$tempout = "";
	if ($get['request'] == "getLocalChat") {
		$result1 = myquery("SELECT * FROM `".dbprfx."local-chat` WHERE `regionUUID` = '".$get['uuid']."' AND `chattime` > '".((int)$get['time'])."' AND `LocalX` = '".$get['localX']."' AND `LocalY` = '".$get['localY']."'");
		if ($result1 != "not") {
			$rows = myrows($result1);
			$x = 1;
			while ( $x <= $rows) {
			$array = myarray($result1);
			$tempout = $tempout."<p><span class='chatname'>".$array['avatarFirst']." ".$array['avatarLast'].":</span><span class='chatentry'> ".smiley(stripslashes($array['chatdata']))."</span>";
			$x++;
			}
			$output = $tempout;
		}
		else {
		$output = "nodata";
		}
	}
	if ($get['request'] == "getLastTimeLocalChat") {
		$result1 = myquery("SELECT * FROM `".dbprfx."local-chat` WHERE `regionUUID` = '".$get['uuid']."' AND `LocalX` = '".$get['localX']."' AND `LocalY` = '".$get['localY']."' ORDER BY `chattime` DESC");
		$array = myarray($result1);
		$output = $array['chattime'];
	}
	
	return $output;
}
function getSNumArr($array) {
	$xx = 0;
	while (isset($array[$xx])) {
		$xx=$xx+1;
	}
	return $xx;
}
function smiley($data) {
	$data = str_replace(":)","<img src='/media/images/smile/smile.png'>",$data);
	$data = str_replace(";)","<img src='/media/images/smile/wink.png'>",$data);
	$data = str_replace(":P","<img src='/media/images/smile/tongue.png'>",$data);
	$data = str_replace(":p","<img src='/media/images/smile/tongue.png'>",$data);
	$data = str_replace(":(","<img src='/media/images/smile/sad.png'>",$data);
	$data = str_replace(":'(","<img src='/media/images/smile/crying.png'>",$data);
	$data = str_replace(":$","<img src='/media/images/smile/embarrassed.png'>",$data);
	$data = str_replace("(A)","<img src='/media/images/smile/angel.png'>",$data);
	$data = str_replace("(a)","<img src='/media/images/smile/angel.png'>",$data);
	$data = str_replace(":@","<img src='/media/images/smile/angry.png'>",$data);
	$data = str_replace(":S","<img src='/media/images/smile/confused.png'>",$data);
	$data = str_replace(":s","<img src='/media/images/smile/confused.png'>",$data);
	$data = str_replace(":D","<img src='/media/images/smile/smile-big.png'>",$data);
	$data = str_replace(":d","<img src='/media/images/smile/smile-big.png'>",$data);
	$data = str_replace(":o","<img src='/media/images/smile/shock.png'>",$data);
	$data = str_replace(":|","<img src='/media/images/smile/disapointed.png'>",$data);
	$data = str_replace(":#","<img src='/media/images/smile/sleepy.png'>",$data);
	$data = str_replace("8-)","<img src='/media/images/smile/eyeroll.png'>",$data);
	$data = str_replace("(lying)","<img src='/media/images/smile/lying.png'>",$data);
	$data = str_replace("8-|","<img src='/media/images/smile/glasses-nerdy.png'>",$data);
	$data = str_replace("(a)","<img src='/media/images/smile/angel.png'>",$data);
	$data = str_replace("(bye)","<img src='/media/images/smile/bye.png'>",$data);
	$data = str_replace("(clap)","<img src='/media/images/smile/clap.png'>",$data);
	$data = str_replace("(A)","<img src='/media/images/smile/angel.png'>",$data);
	$data = str_replace("(BYE)","<img src='/media/images/smile/bye.png'>",$data);
	$data = str_replace("(CLAP)","<img src='/media/images/smile/clap.png'>",$data);
	$data = str_replace("(})","<img src='/media/images/smile/hug-right.png'>",$data);
	$data = str_replace("({)","<img src='/media/images/smile/hug-left.png'>",$data);
	$data = str_replace("(y)","<img src='/media/images/smile/good.png'>",$data);
	$data = str_replace("(n)","<img src='/media/images/smile/bad.png'>",$data);
	$data = str_replace("(Y)","<img src='/media/images/smile/good.png'>",$data);
	$data = str_replace("(N)","<img src='/media/images/smile/bad.png'>",$data);
	$data = str_replace("(h5)","<img src='/media/images/smile/highfive.png'>",$data);
	$data = str_replace("(hi5)","<img src='/media/images/smile/highfive.png'>",$data);
	$data = str_replace("(H5)","<img src='/media/images/smile/highfive.png'>",$data);
	$data = str_replace("(Hi5)","<img src='/media/images/smile/highfive.png'>",$data);
	$data = str_replace("(L)","<img src='/media/images/smile/love.png'>",$data);
	$data = str_replace("(U)","<img src='/media/images/smile/love-over.png'>",$data);
	
	return $data;
	
}
function splitData($foo) {
if(preg_match("/(\w|\W)*(~)+(\w|\W)*/",$foo)) {
	$faa = explode("~",$foo);
	}
	else { $faa[0] = $foo;}
	return $faa;
}
function stateTriggers($obectUUID,$userUUID,$call,$thresh) {
$outcome = TRUE;
if($call == "LAYER THROUGH") {
	if ($thresh == "AUTO") {
	$outcome = "LAYER THROUGH";
	}
}
return $outcome;
}
function statePassThreshold($objectUUID,$userUUID,$call,$thresh) {
$outcome = TRUE;
if($call == "AUTO") {
	if ($thresh == "AUTO") {
	$outcome = TRUE;
	}
}
return $outcome;
}
function stateAvatarTriggers($userUUID,$call,$thresh) {
$outcome = TRUE;
if($call == "LAYER THROUGH") {
	if ($thresh == "AUTO") {
	$outcome = "LAYER THROUGH";
	}
}
return $outcome;
}
function stateAvatarPassThreshold($userUUID,$call,$thresh) {
$outcome = TRUE;
if($call == "AUTO") {
	if ($thresh == "AUTO") {
	$outcome = TRUE;
	}
}
return $outcome;
}
?>
